AlmaLinux 8 : container-tools:rhel8 (ALSA-2024:8846)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8846 advisory. Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library CVE-2024-9341 Buildah: Podman: Improper Input Validati...

AlmaLinux 8 : python3.11-urllib3 (ALSA-2024:8843)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8843 advisory. urllib3: proxy-authorization request header is not stripped during cross-origin redirects CVE-2024-37891 Tenable has extracted the preceding description block...

AlmaLinux 8 : python3.12 (ALSA-2024:8836)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8836 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

AlmaLinux 9 : openexr (ALSA-2024:8800)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8800 advisory. OpenEXR: Heap Overflow in Scanline Deep Data Parsing CVE-2023-5841 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : thunderbird (ALSA-2024:8790)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:8790 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XS...

AlmaLinux 9 : firefox (ALSA-2024:8726)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8726 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XS...

AlmaLinux 9 : mod_http2 (ALSA-2024:8680)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:8680 advisory. modhttp2: DoS by null pointer in websocket over HTTP/2 CVE-2024-36387 Tenable has extracted the preceding description block directly from the AlmaLinux security...

AlmaLinux 8 : firefox (ALSA-2024:8729)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2024:8729 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox: thunderbird: XS...

AlmaLinux 9 : grafana (ALSA-2024:8678)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8678 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875 Tenable has extracted the precedin...

AlmaLinux 9 : kernel (ALSA-2024:8617)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8617 advisory. hw: cpu: intel: Native Branch History Injection BHI CVE-2024-2201 kernel: tcp: add sanity checks to rx zerocopy CVE-2024-26640 kernel: mptcp: fix data...

AlmaLinux 9 : buildah (ALSA-2024:8563)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8563 advisory. buildah: Buildah allows arbitrary directory mount CVE-2024-9675 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

AlmaLinux 9 : python3.9 (ALSA-2024:8446)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8446 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

AlmaLinux 9 : python3.12 (ALSA-2024:8447)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8447 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

AlmaLinux 9 : python3.11 (ALSA-2024:8374)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8374 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

AlmaLinux 8 : python39:3.9 and python39-devel:3.9 (ALSA-2024:8359)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8359 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

AlmaLinux 8 : NetworkManager-libreswan (ALSA-2024:8353)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8353 advisory. NetworkManager-libreswan: Local privilege escalation via leftupdown CVE-2024-9050 Tenable has extracted the preceding description block directly from the AlmaLinux...

AlmaLinux 8 : grafana (ALSA-2024:8327)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8327 advisory. golang-fips: Golang FIPS zeroed buffer CVE-2024-9355 dompurify: nesting-based mutation XSS vulnerability CVE-2024-47875 Tenable has extracted the precedin...

AlmaLinux 9 : java-17-openjdk (ALSA-2024:8124)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8124 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JDK...

AlmaLinux 9 : java-21-openjdk (ALSA-2024:8127)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8127 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JDK...

AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2024:8117)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:8117 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-21210 JDK...